1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
6 #define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
11 #include "base/time/time.h"
12 #include "net/base/hash_value.h"
13 #include "net/base/net_export.h"
17 // Structures related to Certificate Transparency (RFC6962).
20 // LogEntry struct in RFC 6962, Section 3.1
21 struct NET_EXPORT LogEntry {
22 // LogEntryType enum in RFC 6962, Section 3.1
24 LOG_ENTRY_TYPE_X509 = 0,
25 LOG_ENTRY_TYPE_PRECERT = 1
34 // Set if type == LOG_ENTRY_TYPE_X509
35 std::string leaf_certificate;
37 // Set if type == LOG_ENTRY_TYPE_PRECERT
38 SHA256HashValue issuer_key_hash;
39 std::string tbs_certificate;
42 // Helper structure to represent Digitally Signed data, as described in
43 // Sections 4.7 and 7.4.1.4.1 of RFC 5246.
44 struct NET_EXPORT_PRIVATE DigitallySigned {
55 enum SignatureAlgorithm {
56 SIG_ALGO_ANONYMOUS = 0,
65 HashAlgorithm hash_algorithm;
66 SignatureAlgorithm signature_algorithm;
68 std::string signature_data;
71 // SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
72 struct NET_EXPORT SignedCertificateTimestamp {
73 // Version enum in RFC 6962, Section 3.2.
78 // Source of the SCT - supplementary, not defined in CT RFC.
81 SCT_FROM_TLS_HANDSHAKE = 1,
82 SCT_FROM_OCSP_RESPONSE = 2,
85 SignedCertificateTimestamp();
86 ~SignedCertificateTimestamp();
91 std::string extensions;
92 DigitallySigned signature;
93 // The origin should not participate in equality checks
94 // as the same SCT can be provided from multiple sources.
102 #endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_